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DETAILED ACTION 

1. Claims 26-37 are pending. 

2. Amendment filed 12/12/2006 has been received. and 
considered. 

Priority 

3. Acknowledgment is made of applicant's claim for foreign 
priority under 35 U.S.C. 119(a)-(d). The certified copy has 
been received on 11/23/2003. 

Claim Rejections - 35 USC §103 

4. The following is a quotation of '35 U.S.C. 103(a) which 
forms the basis for all obviousness rejections set forth in this 
Office action: 

(a) A patent may not be obtained though the invention is not identically 
disclosed or described as set forth in section 102 of this title, if the 
differences between the subject matter sought to be patented and the prior 
art are such that the subject matter as a whole would have been obvious at 
the time the invention was made to a person having ordinary skill in the 
art to which said subject matter pertains. Patentability shall not be 
negatived by the manner in which the invention was made. 

5. Claims 26-27, 29-30, 33, 34', 36, 37 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Dobbins et al (US 
5485455) in view of Jain et al (US 6311218) and further in view 
of Inoue et al (US 6891819) . 

As per claims 26 and 29, Dobbins et al discloses a network 
relaying method for a communication network system in which a 
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plurality of network devices are coupled via a communication 
path, each network device including a network relaying device 
which is coupled via a plurality of I/O ports to a corresponding 
plurality of terminals (see column 7- line 60 through column 8 
line 21), the method comprising the steps of: 

receiving a packet at a first I/O port from a source 
terminal coupled to the first I/O port, the packet including a 
header containing a packet transmission source address (see 
column 8 lines 30-34); 

determining whether a combination of the first I/O port and 
the packet transmission source address coincides with a 
combination of an I/O port and a transmission source address 
that have been registered in advance with a correspondence there 
between (see column 8 lines 35-36); 

• when the determining step results in a determination that 
the combination of the first I/O port and the packet 
transmission source address coincides with a combination of an 
I/O port and transmission source address that have been 
registered in advance with a correspondence there between, 
transferring the packet received at the first I/O port via a 
second I/O port (see column 9 lines 38-46); 

when the determining step results in a determination that 
the combination of the first I/O port and the packet 
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transmission source address do not have a coincidence with a 
combination of an I/O port and transmission source address that 
have been registered in advance with a correspondence there 
between: limiting transfer of the received packet registering 
the first I/O port with a correspondence to the packet 
transmission source; and transferring the packet received at the 
first I/O port via the second I/O port (see column 8 line 37 
through column 9 line 37 and claim 4). 

Dobbins et al fails to disclose transmitting a request for 
user authentication of a user to the source terminal; receiving 
user authentication information sent from the source terminal in 
response to the request for user authentication; executing user 
authentication of the user based on the user authentication 
information thus received and based on the packet transmission 
source address. 

However, Jain et al teaches such authentication (see column 
5 line 21 through column 6 line 15) . 

At the time of the invention it would have been obvious to 
a person of ordinary skill in the art to Jain et al's 
authentication method in Dobbins et al's connection method. 

Motivation to do so would have been to authenticate and 
unauthenticated port (see Jain et al column 5 lines 20-40) . 
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The modified Dobbins et al and Jain et al system fails to 
explicitly disclose when the user is not authenticated, not 
transferring the packet. 

However, Inoue et al teaches such a limitation (see column 
12 lines 21-44) . 

At the time of the inven-tion it would have been obvious to 
a person of ordinary skill in the art to include the 
authentication processing steps of Inoue et al in the modified 
system of Dobbins et al and Jain et al. 

Motivation to do so would have been to cope with a password 
guessing attack (see Inoue et al column 12 lines 21-44) . 

As per claims 27 and 30, the modified Dobbins et al, Jain 
et al and Inoue et al system discloses the authentication 
including a user name (see Jain et al column 5 lines 20-40) , but 
fails to disclose a password. However Official Notice is take 
that at the time of the invention it would have been obvious to 
one of ordinary skill in the art to include a password for the 
authentication in the modified system. Motivation to do so 
would have been to provide authorized access to the system. 

As per claims 33 and 36, the modified Dobbins et al, Jain 
et al and Inoue et al system discloses the step of performing 
user authentication periodically for each of said plurality of 
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terminals having an address registered in advance with a 
correspondence .to an I/O port (see Jain column 5 lines 20-40) . 

As per claims 34 and 37, the modified Dobbins et al, Jain 
et al and Inoue et al system discloses determining whether the 
destination address is registered in advance as a source address 
in combination with an I/O port (see Dobbins et al column 8 
lines 30-36) ; if the determining step determines that the 
destination address of the received packet is not registered in 
advance as a source address in combination with an I/O port, 
user authentication is made as to -a destination terminal having 
the destination address, by transmitting a request for user 
authentication to the destination terminal of the received 
packet (see Dobbins column 8 lines 30-36 and column 9 lines 38- 
46 and Jain column 5 line 20 through column 6 line 15) ; 
receiving user authentication information sent from the 
destination terminal in response to the request for user 
authentication based on the user authentication information thus 
received from the destination terminal (see Jain column 5 line 
20 through column 6 line 15); when the user is ■ authenticated by 
the user authentication based on the user authentication 
information received from the destination terminal registering 
the first I/O port with a correspondence to the destination 
address; and when the user is not authenticated by the user 
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authentication based on the user authentication information 
received from the destination terminal, not registering the 
first I/O port with a correspondence to the destination address 
(see Dobbins column 8 lines 30-36 and column 9 lines 38-46 and 
Inoue et al column 16 lines 6-21) . 

/ 

6. Claims 28 and 31 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over the modified Dobbins et al, Jain et al 
and Inoue et al system as applied to claims 26 and 29 above, and 
further in view of Townsend et al (US 5661719) . 

As per claims 28 and 31, the modified Dobbins et al, Jain 
et al and Inoue et al system teaches the transmission source 
address includes a MAC address (see Dobbins et al column 9 lines 
10-25) . 

The modified Dobbins et al, Jain et al and Inoue et al 
system fails to teach the transmission source address also 
includes an IP address. 

However, Townsend et al teaches a transmission source 
address includes an IP and MAC address (see column 3 lines 13- 
24) . 

At the time of the invention it would have been obvious to 
a person of ordinary skill in the art to include both address in 
the modified Dobbins et al, Jain et al and Inoue et al system. 
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Motivation to do so would have been to have both the 
physical and logical address of the source (see Townsend et al 
column 3 lines 13-24) . 

Allowable Subject Matter 

7. Claims 32 and 35 objected to as being dependent upon a 
rejected base claim, but would be allowable if rewritten in 
independent form including all of the limitations of the base 
claim and any intervening claims. 

8. The following is a statement of reasons for the indication 
of -allowable subject matter: the Prior Art teaches sending a 
message to all members of a VLAN (see Hart column 1 lines 15- 
35) , but fails to teach the message is based on failed 
authentication , 

Response to Arguments 

9. Applicant's arguments filed 12/12/2006 have been fully 
considered but they are not persuasive. Applicant argues that 
Inoue fails to teach when user authentication . fails , a packet 
sent from the source terminal is inhibited from being 
transferred via a second port and there is no motivation to 
combine Inoue with Dobbins and Jain. 
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With respect to Applicant's argument that Inoue fails to 
teach when user authentication fails, a packet sent from the 
source terminal is inhibited from being transferred via a second 
port, one cannot show nonobviousness by attacking references 
individually where the rejections are based on combinations of 
references. See In re Keller, 642.T.2d 413, 208 USPQ 871 (CCPA 
1981); In re Merck & Co.,, 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 
1986) . In this case Inoue was relied upon for" the teaching of 
not sending a packet upon failed authentication, which is taught 
in column 12 lines 21-44. The mobile computer of Inoue 
transmits a packet to a local port to be sent to the home agent 
and when authentication fails, the local port does not send the 
packet. When applying this concept to the combination of 
Dobbins and Jain, which receives packets at one port and 
transmits then via a second port, the packet of Inoue is 
received at the first port and when -the authentication has 
failed the packet is inhibited from being sent via the second 
port. Therefore, the combination of Dobbins, Jain and Inoue 
teaches when user authentication . fails , a packet sent from the 
source terminal is inhibited from being transferred via a second 
port . 

With respect to Applicant's argument that there is.no - 
motivation to combine Inoue with Dobbins and Jain, as given 
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above the motivation would have been to cope with a password 
guessing attack (see Inoue et al column 12 lines 21-44). 
Applicant further states that the combination would frustrate 
Inoue' s stated purpose of reducing the load caused by repeated 
unsuccessful attempts to authenticate, however, as given in the 
response above the packets would never be sent via the second 
port and therefore would not frustrate the purpose of reducing 
the' load. 

Conclusion 

10. THIS ACTION IS MADE FINAL. Applicant is reminded of the 
extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action 
is set to expire THREE MONTHS from the mailing date of this 
action. In the event a first reply is filed within TWO MONTHS 
of the mailing date of this final action and the advisory action 
is not mailed until after the end of the THREE-MONTH shortened 
statutory period, then the shortened statutory period. will 
expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated 
from the mailing date of the advisory action. In no event, 
however, will the statutory period . for reply expire later than 
SIX MONTHS from the mailing date of this final action. 
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Any inquiry concerning this communication or earlier 
communications from the examiner should be directed to Michael 
Pyzocha whose telephone number is (571) 272-3875. The examiner 
can normally be reached on 7:00am - 4:30pm first Fridays of the 
bi-week off. 

If attempts to reach the examiner by telephone are 
unsuccessful, the examiner's supervisor, Emmanuel Moise can be 
reached on (571) 272-3865. The fax phone number for the 
organization where this application or proceeding is assigned is 
571-273-8300. 

Information regarding the status of an application may be 
obtained from the Patent Application 'information Retrieval 
(PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, 
see http://pair-direct.uspto.gov. Should you have questions on 
access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free) . 
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